Linux Network Security

Linux Network Security by Amr Ali at Software Freedom Day 2010

Published in: Devices & Hardware

Linux Network Security

Linux Network Security (Amr Ali, Software Freedom Day 2010)

What is Linux?

  • Invented by Linus Torvalds
  • A monolithic kernel
  • It is a UNIX-based operating system
  • Very flexible modular system
  • Has a “penguin” as a mascot
  • Easily customizable at all levels
  • Can be installed on potatoes

Linux's Networking

  • It has support for most protocols out of the box
  • The user has full control in great detail
  • Its security is state of the art
  • Scalable and can manage organizations of any size

What is iptables?

  • It is the user space interface for the Netfilter kernel module
  • By far the most used firewall on Linux-based systems, and the second most used firewall on UNIX systems that utilize a different kernel
  • Usually works on the Transport and the Internet layers

What is xFirewall?

  • It is a smart and configurable abstraction over iptables
  • Very system/network administrator friendly
  • Detects and blocks network reconnaissance attempts
  • Logs unauthorized access based on allowed ports
  • Helps in defeating D/DoS attacks
  • IPv6 and 6to4 ready

How does xFirewall work?

  [Diagram; labels: System, Recon?, Attack?, xFirewall, Linux Based System]

Scanning Methods

  • Half open TCP SYN/ACK scans
  • TCP connect scan
  • UDP scan
  • XMAS scan
  • NULL scan
  • FIN scan

Configuring xFirewall

  • The xFirewall configuration file `/etc/xfirewall.conf' contains a whitelist of rules to control who is allowed and to where
  • “IPv6|::|tcp|22,23” will allow incoming connections from anywhere to TCP ports 22 and 23
  • “IPv4|0.0.0.0|udp|53” will allow incoming connections from anywhere to UDP port 53

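The whitelist format above can be checked before it is loaded. The following is an added example, not xFirewall's own code: it parses entries in the `family|address|proto|ports' form shown on the slide, validates them, prints the iptables/ip6tables ACCEPT rule each entry would correspond to, and warns about entries open to any source. The function names, the mapping to `-m multiport' rules and the handling of specific addresses or CIDR ranges are assumptions; the slides only document the "anywhere" addresses.

```python
import ipaddress

# Assumption: the family field selects the rule tool like this.
TOOLS = {"IPv4": ("iptables", 4), "IPv6": ("ip6tables", 6)}

def parse_entry(line):
    """Parse one 'family|address|proto|ports' whitelist entry."""
    fields = [f.strip() for f in line.split("|")]
    if len(fields) != 4:
        raise ValueError(f"expected 4 fields: {line!r}")
    family, addr, proto, ports = fields
    if family not in TOOLS or proto not in ("tcp", "udp"):
        raise ValueError(f"unknown family or protocol: {line!r}")
    tool, version = TOOLS[family]
    # Assumption: a bare address means one host; CIDR is accepted too.
    net = ipaddress.ip_network(addr, strict=False)
    if net.version != version:
        raise ValueError(f"{addr!r} does not match {family}")
    # Per the slides, 0.0.0.0 and :: mean "from anywhere".
    anywhere = (net.network_address.is_unspecified
                and net.prefixlen in (0, net.max_prefixlen))
    if anywhere:
        net = ipaddress.ip_network("0.0.0.0/0" if version == 4 else "::/0")
    port_list = [int(p) for p in ports.split(",")]
    if any(not 1 <= p <= 65535 for p in port_list):
        raise ValueError(f"port out of range: {line!r}")
    return {"tool": tool, "proto": proto, "source": str(net),
            "ports": port_list, "anywhere": anywhere}

def to_rule(entry):
    """Render the ACCEPT rule an entry would correspond to."""
    ports = ",".join(map(str, entry["ports"]))
    return (f"{entry['tool']} -A INPUT -p {entry['proto']} "
            f"-s {entry['source']} -m multiport --dports {ports} -j ACCEPT")

def audit(lines):
    """Return (rules, warnings); warn on entries open to any source."""
    rules, warnings = [], []
    for line in lines:
        entry = parse_entry(line)
        rules.append(to_rule(entry))
        if entry["anywhere"]:
            warnings.append(f"{line}: ports {entry['ports']} open to any source")
    return rules, warnings

# First two entries are from the slides; the third is constructed.
SAMPLE = ["IPv6|::|tcp|22,23", "IPv4|0.0.0.0|udp|53", "IPv4|192.168.1.0/24|tcp|3306"]

if __name__ == "__main__":
    rules, warnings = audit(SAMPLE)
    print("\n".join(rules + warnings))
```
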
Download and Install xFirewall

  • You can download xFirewall v1.0 from “http://amr-ali.co.cc/276/xfirewall-v1-0-released/”
  • Untar the package and read the `README' file to learn how to install it properly
  • Finally, edit the configuration file, save it, and issue `sudo /etc/init.d/xfirewall start'

Attacker Point of View

    Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-10 15:58 EEST
    NSE: Loaded 59 scripts for scanning.
    Initiating SYN Stealth Scan at 15:58
    Scanning 192.168.1.100 [1000 ports]
    Discovered open port 3306/tcp on 192.168.1.100
    Discovered open port 587/tcp on 192.168.1.100
    Discovered open port 25/tcp on 192.168.1.100
    Discovered open port 110/tcp on 192.168.1.100
    Discovered open port 113/tcp on 192.168.1.100
    Discovered open port 8888/tcp on 192.168.1.100
    Discovered open port 8080/tcp on 192.168.1.100
    Discovered open port 111/tcp on 192.168.1.100
    Discovered open port 995/tcp on 192.168.1.100
    Discovered open port 199/tcp on 192.168.1.100
    Discovered open port 6699/tcp on 192.168.1.100
    Discovered open port 19350/tcp on 192.168.1.100
    Discovered open port 9535/tcp on 192.168.1.100

Thanks

  Questions? All presented material today will be available on my website: http://amr-ali.co.cc
